Erik R. Jensen wrote:
Sounds to me like you are really looking for a single sign-on solution
(SSO).
You may want to look at
http://www.ja-sig.org/products/cas/
and
http://www.josso.org
I think these would be a better solution than trying to reinvent the
wheel. I have been working with CAS and like it so far. It has clients
for Apache, Java, .NET, Perl, PHP etc. and you can always write your own
since it is open. It will authenticate against a number of sources and
you can also create your own custom authentication source. There are
always closed solutions too. I know Oracle, Sun, IBM and Novell all have
single sign-on solutions if you want to pay for one.
Not only is it a great solution, there is a mod_cas authentication
module for Apache that will allow you to do apache-level authentication
against it. This makes it very easy to casify 3rd party apps that just
use normal apache authentication (.htaccess), or no authentication at all.
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
